I am a lazy user who is concerned about security. I have used ZA since about 2003 and moved to Pro in 2005. I am currently a ZA pro subscriber and it has given me some system performance problems in the past but nothing I couldn't get past. The problem with me, as I have already said, Im lazy.

I feel ZA Pro gives me decent security, I always pay attention to alerts it gives me and therefore I hope Im safe as i can be with a commercial customer product in this price range.

Im going to keep a note of this thread as it will be interesting to see if it is worth the investment in time in order to get a firewall that performs better than ZA Pro.

You're not lazy, Orange, if you can get past all the blocking of every app on your system.

But in all reality it isn't every app, just the ones that make your computer useful on the internet (well not exactly the apps, but sites that the apps connect to)....you can play solitare usually (I haven't seen that blocked), though you may not be able to play any online games even when you disable the firewall completely.

I really don't see the need to pay for a software firewall on Windows 7 and above. It was probably needed on earlier versions of Windows, but not anymore. The built in firewall in Windows 7 works great for me. If need be you can use a free frontend like Windows Firewall Control.

That's the job of your AV and heuristics. firewalls are to protect from targeted attacks or remote attacks. at the point when outbund traffic matters, it's to late and the virus will, if it's a decent one, have disabled your FW anyway.

a FW has a purpose, it's not what you think it is.

Actually sandboxing is better protection. As far as Zero day protection, I think MSE is terrible.

MSE is terrible compared to what, it's virus module is as good as Norton, but Norton is so much more than just the AV which makes it a far better total package, as far as sandboxing, it's one of those false protection cushions that make people think they're more protected than they are. relying on sandboxing for your protection is a terrible idea, and even so it won't protect you against many of the very clever phishing and Trojan attacks that are out today. it'll just protect against certain viruses.

MSE is terrible compared to what, it's virus module is as good as Norton, but Norton is so much more than just the AV which makes it a far better total package, as far as sandboxing, it's one of those false protection cushions that make people think they're more protected than they are. relying on sandboxing for your protection is a terrible idea, and even so it won't protect you against many of the very clever phishing and Trojan attacks that are out today. it'll just protect against certain viruses.

I'm referring to something like sandboxie for sandboxing your web browsing. Now if you download something and let it out of the sandbox and run it, sure you will get infected. I'm talking about using sandboxie in protected against drive-by / zero day exploits where the infection is contained inside the sandboxie sandbox.

I think it's a hell of a lot better than just relying on AV. Personally I run Avast, Malwarebytes, Sandboxie. I removed Java from my system and use flashblock to so flash content does not load automatically.

Meanwhile other people just want to use their computers and are not getting infected without being paranoid sandboxed.

Also pretty much all banks here use Java to log in (since they all use a security system called BankID, which uses i, and allows you to digitally sign documents with a legally binding electronic signature), so removing java is out of the question.

and there's always a way out of a sandbox, that's why they're called trojans. Well unless you go with the VM OS, but that's just plain ridiculous.

common sense beats any sandbox. common sense and MSE is enough for most people, and Norton will keep you safe even without common sense in most cases.

Meanwhile other people just want to use their computers and are not getting infected without being paranoid sandboxed.

Also pretty much all banks here use Java to log in (since they all use a security system called BankID, which uses i, and allows you to digitally sign documents with a legally binding electronic signature), so removing java is out of the question.

and there's always a way out of a sandbox, that's why they're called trojans. Well unless you go with the VM OS, but that's just plain ridiculous.

common sense beats any sandbox. common sense and MSE is enough for most people, and Norton will keep you safe even without common sense in most cases.

That's also why they are called drive by downloads. You go to a harmless site has has recently been compromised like say neowin (could happen). It then takes advantage of a zero day vulnerability on your system. Then the AV just so happens to miss it and you are now infected. In the case of a sandbox its more than likey contained. Thus no harm was done to the system. In this case just going to a trusted website got the computer infected. it had nothing to do with common sense.

In the case with you needing java, you are surfing the web with something that ALWAYS has vulnerabilities. that the bad guys know about and haven't used yet. So at the very least I would run quickjava if I HAD to use java, which let me turn it on for the bank but off the rest of the time.

Surfing the web with Java enabled and the word common sense cancel each other out. Because in this case you can use the worlds best common sense and still get infected.

That's also why they are called drive by downloads. You go to a harmless site has has recently been compromised like say neowin (could happen). It then takes advantage of a zero day vulnerability on your system. Then the AV just so happens to miss it and you are now infected. In the case of a sandbox its more than likey contained. Thus no harm was done to the system. In this case just going to a trusted website got the computer infected. it had nothing to do with common sense.

In the case with you needing java, you are surfing the web with something that ALWAYS has vulnerabilities. that the bad guys know about and haven't used yet. So at the very least I would run quickjava if I HAD to use java, which let me turn it on for the bank but off the rest of the time.

Surfing the web with Java enabled and the word common sense cancel each other out. Because in this case you can use the worlds best common sense and still get infected.

Assuming you visit dangerous sites, don't keep MSE up to date, don't keep Windows up to date, or Java or Flash or whatever, yeah, you're in danger.

In the case with you needing java, you are surfing the web with something that ALWAYS has vulnerabilities. that the bad guys know about and haven't used yet. So at the very least I would run quickjava if I HAD to use java, which let me turn it on for the bank but off the rest of the time.

Surfing the web with Java enabled and the word common sense cancel each other out. Because in this case you can use the worlds best common sense and still get infected.

Sorry, but you're sprouting ignorant bs from the "always has vulnerabilities" and to the end. Come back when you have an education and know what pure talking about. Btw your browser, our sandbox, your OS, your mail app, and everything else on your computer Alison"always have vulnerabilities" by your classification, sure no one knows what they are or that they are there, but they are.

Also Norton will in fact stop zero day vulnerabilities in drive by downloads. They have the top rating score on zero day test, and stopped everything.